package com.asm.shiroweb.config;

import com.asm.shiroweb.common.bean.UserBean;
import com.asm.shiroweb.service.UserService;
import com.asm.shiroweb.common.util.EncryptionPassword;
import com.asm.shiroweb.common.util.serializable.MyByteSourceSerializer;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/*
---------------------------------------------------------------------
/                                                                   /
/              currentUser.getPrincipal()                           /
/              得到的数据 就是                                        /
/              认证里： new SimpleAuthenticationInfo(userBean....    /
/              里 第一个属性 userBean                                 /
/                                                                   /
=====================================================================

 */
//@Configuration   // 好像不要这注解也行
public class MyRealm extends AuthorizingRealm {

    @Autowired
    private UserService userService;

    private Logger logger = LoggerFactory.getLogger(MyRealm.class);

    /*
    授权
        【绑定角色 和 资源】
     */
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal) {
        logger.info(">>>>>>>>>> 授权器：MyRealm.doGetAuthorizationInfo >>>>>>>>>>>>");


        final SimpleAuthorizationInfo orization = new SimpleAuthorizationInfo();
//        orization.setObjectPermissions();
//        orization.setRoles();


/*
        // UserBean{userName='manager', userPass='manager', userRoles=[manager], userPerms=[salary]}
        final UserBean primaryPrincipal = (UserBean) principal.getPrimaryPrincipal();
        logger.info(primaryPrincipal.toString());
*/

        // (UserBean) principal.asList().get(0) =
        // UserBean{userName='manager', userPass='manager', userRoles=[manager], userPerms=[salary]}
        final UserBean user = (UserBean) principal.asList().get(0);
        logger.info("(UserBean) principal.asList().get(0) = " + user.toString());

        // 进行 【绑定角色 和 资源】
        orization.addRoles(user.getUserRoles());
        orization.addStringPermissions(user.getUserPerms());
        return orization;
    }

    /*
    认证
        注意：密码比对 shiro中帮我们完成
     */
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        logger.info("=========== MyRealm.doGetAuthenticationInfo ");


        UsernamePasswordToken userToken = (UsernamePasswordToken) token;

        // 根据 用户名 从数据库 获取用户
        final UserBean userBean = userService.queryUserByName(userToken.getUsername());

        if (null == userBean) {
            return  null;// 抛出：UnknownAccountException
        }
        // 【shiro 帮忙匹配密码】
        final SimpleAuthenticationInfo enticationInfo = new SimpleAuthenticationInfo(
                userBean,
                userBean.getUserPass(),
                new MyByteSourceSerializer(EncryptionPassword.SALT),
                this.getClass().getName());

        return enticationInfo;
    }
}
